<?php

require_once '../config/config.php';
require_once '../config/common.php';
//$user = checksession();
$act = test_input($_REQUEST['act']);
$type = test_input($_REQUEST['type']);
$conn = new mysqli(HOST, USER, PASSWORD, DATABASE);
if ($conn->connect_errno) {
die('数据库连接失败' . $conn->connect_error);
}
if ($act == 'del') {
$id = $_REQUEST['id'];
$src = test_input($_REQUEST['img']);
$stmt = $conn->prepare('delete from media_list where id=? and img=?');
$stmt->bind_param('is', $id, $src);
$stmt->execute();
imgDel($src);
if ($stmt->affected_rows == 1) {
echo "<script>alert('删除成功,点击返回');window.location='media.php?type=$type'</script>";
} else {
echo "<script>alert('删除失败,点击返回');window.location='media.php?type=$type'</script>";
}
}


if ($act == 'update') {
if ($_FILES['file']['size'] > 0) {
try {
$id = $_REQUEST['id'];
$title = test_input($_REQUEST['title']);
$content = test_input($_REQUEST['content']);
if (empty($title)) {
throw new Exception('请输入标题');
}
if (empty($content)) {
throw new Exception('不能发表空内容');
}
$size = $_FILES['file']['size'];
if ($size > 2048 * 1024) {
throw new Exception("文件大小不得大于2M");
}
$allow = array("png", "jpg", "jpeg", "gif");
$ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if (!in_array($ext, $allow)) {
throw new Exception('不允许的图像格式');
}
$path = ROOT . '/admin/upload/' . date('y/m/d/', time());
if (!file_exists($path) &&!mkdir($path, 0777, true)) {
throw new Exception('创建目录失败');
}
$destination = $path . md5(time() . mt_rand(1, 99999)) . '.' . $ext;
if (!move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
throw new Exception('移动临时文件失败');
}
require_once '../config/img.inc.php';
suofang($destination, 299, 179);
if ($type == 0 || $type == 1 || $type == 2) {
$w = 235;
$h = 235;
suofang($destination, $w, $h);
} elseif ($type == 3) {
suofang($destination, 350, 337);
suofang($destination, 300, 133);
} else {
exit("参数错误");
        }
$src = str_replace(ROOT, '', $destination);
$stmt = $conn->prepare('update media_list set `type`=?,`content`=?,`title`=?,`time`=?,`img`=? where id=?');
$time= time();
$stmt->bind_param('issisi', $type,$content,$title,$time,$src,$id);
$stmt->execute();
if ($stmt->errno) {
throw new Exception('插入数据库失败');
}
echo "<script>alert('发表成功,点击返回');window.location='media.php?type=$type'</script>";

} catch (Exception $exc) {
echo $exc->getMessage();
}
} else {
try {
$id = $_REQUEST['id'];
var_dump($id);
$title = test_input($_REQUEST['title']);
var_dump($title);
$content = $_REQUEST['content'];
var_dump($content);
if (empty($title)) {
throw new Exception('请输入标题');
}
if (empty($content)) {
throw new Exception('不能发表空内容');
}
$stmt = $conn->prepare('update media_list set `type`=?,`content`=?,`title`=?,`time`=? where id=?');
$time = time();
$stmt->bind_param('issii', $type, $content, $title, $time, $id);
$stmt->execute();

if ($stmt->errno) {
throw new Exception('插入数据库失败');
}
echo "<script>alert('发表成功,点击返回');window.location='media.php?type=$type'</script>";
} catch (Exception $exc) {
echo $exc->getMessage();
}
}
}